Pearce Barry
ec020e3d07
Land #7611 , cisco_ironport_enum falsely claimed connection failed
...
Fixes #7610
2016-11-24 09:54:09 -06:00
Jin Qian
65b858ac06
Fix issue 7610, cisco_ironport_enum falsely claimed connection failed.
...
Make sure we return 1 in check_conn method.
2016-11-23 14:59:07 -06:00
Jin Qian
b7ae7a47be
Fix issue #7608 where the SSL option was not turned on by default
...
Set the SSL option to be on by default.
2016-11-23 14:45:42 -06:00
Jin Qian
0df3e17e0c
Fix the issue in MS2132 where OWA_LOGIN doesn't continue on connection error.
...
The possibility of temporary connnection disruption means this module should keep trying other user/pass pairs upon error.
2016-11-23 09:56:27 -06:00
wchen-r7
83a3a4e348
Fix #7463 , check nil return value when using redis_command
...
Fix #7463
2016-11-21 15:52:12 -06:00
William Vu
6f8660f345
Land #7586 , NameError fix for brute_dirs
2016-11-21 14:46:19 -06:00
William Vu
c8320d661f
Land #7590 , mixin order fix for buffalo_login
2016-11-21 13:57:27 -06:00
Jin Qian
90d360a592
Fix the issue 7589, both RHOST and RHOSTS options are quired
...
Thanks to Will who found it's due to the order of mixin.
2016-11-21 11:06:32 -06:00
Jin Qian
18b873be47
Fix the exception issue reported in issue #7585
...
Fix the exception by initialize a key variable that caused the exception.
2016-11-21 10:00:23 -06:00
wchen-r7
00e4a8881f
Land #7574 , Update open_proxy aux module
2016-11-18 11:41:43 -06:00
wchen-r7
d3adfff663
Change syntax
2016-11-18 11:41:04 -06:00
wchen-r7
f894b9a4c5
Fix typo
2016-11-18 11:39:26 -06:00
Brendan
f2b9498643
Land #7576 , Fix RHOSTS use in auxiliary/scanner/ftp/titanftp_xcrc_traversal
2016-11-17 13:06:29 -06:00
Jin Qian
c03f35ef13
Fix the hanging of module auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb
...
Thanks for Wei who pointed out the error: in store_loop call, it used "rhosts", should have been ip.
2016-11-17 10:08:59 -06:00
Cantoni Matteo
c9b9be9328
Update open_proxy aux module
2016-11-17 15:44:03 +01:00
William Vu
5c065459ae
print_{good,error} more specifically in open_x11
2016-10-31 11:29:00 -05:00
William Webb
9672759be8
Land #7462 , Add support for Unicode domains
2016-10-26 16:47:09 -05:00
Jon Hart
342bfd628a
Dont' set default PORTS or PROBE options. Require user configuration.
2016-10-25 15:58:46 -05:00
Jon Hart
2a18ea0e33
Initial commit of generic module for detecting UDP amplification vulnerabilities
2016-10-25 15:58:46 -05:00
Jon Hart
7f65b28483
Deprecate udp_probe in favor of udp_sweep
2016-10-23 13:06:58 -07:00
Brendan
b5a41c3011
Convert ANSI data to UTF-8 char by char because MS might
...
put an invalid character in the WORKGROUP name during SMB
handshake
2016-10-19 17:42:26 -05:00
William Vu
2668a4a1cd
Fix #6993 , tnspoison_checker cleanup
2016-10-19 00:53:33 -05:00
William Webb
8e2ff8df80
Land #7433 , Add IP Addresses to HTTP PUT/DELETE scanner output
2016-10-14 13:27:17 -05:00
Brent Cook
9fbe1ddd9d
Land #7384 , CVE-2016-6415 - Cisco IKE Information Disclosure
2016-10-14 08:41:34 -05:00
nixawk
b74539be44
check if isakmp payload is same to IKE Leak data
2016-10-13 04:20:23 -05:00
nixawk
7536d1d94a
print leak data
2016-10-12 02:42:50 -05:00
nixawk
70d4833654
Fix report_vuln
2016-10-12 02:16:00 -05:00
Alton J
98d7b19ab9
Passed IP parameter to additional functions.
2016-10-11 15:09:50 -05:00
Alton J
acff0fa9cf
Added IP addresses to output.
2016-10-11 14:43:42 -05:00
Alton J
f0ff4a0721
Added IP addresses to output.
2016-10-11 14:42:06 -05:00
Sonny Gonzalez
3fd806b87f
Merge remote-tracking branch 'upstream/pr/6993' into land-6993
2016-10-11 09:33:26 -05:00
Brent Cook
e074669406
Land #7296 , Added a SCADA module for detecting Profinet devices, e.g. Siemens controllers
2016-10-08 21:34:40 -05:00
Stephen Haywood
2d361fabc6
No need to interpolate when using .to_s
2016-10-03 11:38:36 -04:00
Stephen Haywood
95f9b778bd
Use standard status messages instead of verbose.
2016-10-03 11:01:51 -04:00
Stephen Haywood
d088005d95
TABLE_NAME option not needed.
2016-10-03 10:58:13 -04:00
Stephen Haywood
5f12c8e026
Incorrect warning message
...
The filename is not always test so the warning message and the note in the description are incorrect.
2016-10-03 10:57:25 -04:00
Stephen Haywood
25996a16bb
Fixed file read block.
2016-10-03 10:47:03 -04:00
Stephen Haywood
708eb0eb4f
Fixed syntax error.
2016-10-03 10:17:29 -04:00
Stephen Haywood
fac03570d1
Use File.open block.
2016-10-03 10:09:45 -04:00
Stephen Haywood
bc57537205
Add warning statement.
2016-10-03 10:07:40 -04:00
Stephen Haywood
a627c3cd5e
Removed unnecessary return statements.
2016-10-03 10:02:26 -04:00
Stephen Haywood
6fa8f40b31
Use unless instead of if (not ...)
2016-10-03 10:00:56 -04:00
Interference Security
3e01dbfded
Fixed Space-Tab mixed indent warning
2016-10-01 15:13:26 +05:30
Interference Security
4227cb76a8
Fixed stack trace bug & verified logic
...
- Fixed stack trace bug when value of "packet" is nill.
- Verified logic of Oracle TNS Listener poisoning which requires an ACCEPT response to be marked as vulnerable.
2016-10-01 15:01:02 +05:30
Stephen Haywood
63c0b6f569
Login failure message.
2016-09-30 17:09:41 -04:00
Stephen Haywood
7996c4b048
Warning about leaving files on disk.
2016-09-30 14:53:15 -04:00
Stephen Haywood
3e4a23cdf6
Removed unnecessary require statement.
2016-09-30 14:51:43 -04:00
nixawk
ac76c3591a
reference urls
2016-09-29 22:43:00 -05:00
nixawk
5929d72266
CVE-2016-6415 - cisco_ike_benigncertain.rb
2016-09-29 22:25:57 -05:00
averagesecurityguy
f7e588cdeb
Initial commit of module.
2016-09-28 14:55:32 -04:00
Brendan
b9de73e803
Land #7334 , Add aux module to exploit WINDOWS based (java) Colorado
...
FTP server directory traversal
2016-09-26 14:15:23 -05:00
Tijl Deneut
2fab62b14d
Update profinet_siemens.rb
...
Removed unnecessary rescue, gave "timeout" variable a better name.
2016-09-23 18:05:45 +02:00
Brent Cook
a9a1146155
fix more ssh option hashes
2016-09-20 01:30:35 -05:00
David Maloney
e315ec4e73
Merge branch 'master' into bug/7321/fix-ssh-modules
2016-09-19 15:27:37 -05:00
David Maloney
06ff7303a6
make pubkey verifier work with old module
...
make the new pubkey verifier class and
the old identify_pubkeys aux module work
together
7321
2016-09-19 15:20:35 -05:00
h00die
9c922d111f
colorado ftp
2016-09-18 20:03:16 -04:00
William Vu
4ba1ed2e00
Fix formatting in fortinet_backdoor
...
Also add :config and :use_agent options.
2016-09-16 12:32:30 -05:00
David Maloney
26491eed1a
pass the public key in as a file instead of data
...
when using key_data it seems to assume it is a private
key now. the initial key parsing error can be bypassed
by doing this
7321
2016-09-16 11:48:51 -05:00
David Maloney
dfcd5742c1
some more minor fixes
...
some more minor fixes around broken
ssh modules
7321
2016-09-15 14:25:17 -05:00
David Maloney
e10c133eef
fix the exagrid exploit module
...
split the exagrid exploit module up and
refactor to be able to easily tell if the
key or the password was used
7321
2016-09-15 11:44:19 -05:00
Brent Cook
7352029497
first round of SSL damage fixes
2016-09-13 17:42:31 -05:00
wchen-r7
245237d650
Land #7288 , Add LoginScannerfor Octopus Deploy server
2016-09-13 17:26:56 -05:00
Tijl Deneut
8df8f7dda0
Initial commit of profinet_siemens.rb
2016-09-11 09:15:41 +02:00
Brent Cook
a81f351cb3
Land #7274 , Remove deprecated modules
2016-09-09 12:01:59 -05:00
Brent Cook
1d4b0de560
Land #6616 , Added an Outlook EWS NTLM login module.
2016-09-09 11:43:52 -05:00
Brendan
a30711ddcd
Land #7279 , Use the rubyntlm gem (again)
2016-09-07 16:33:35 -05:00
aushack
7632c74aba
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2016-09-07 14:15:57 +10:00
aushack
6e21684ff7
Fix typo.
2016-09-07 14:08:46 +10:00
james-otten
dcf0d74428
Adding module to scan for Octopus Deploy server
...
This module tries to log into one or more Octopus Deploy servers.
More information about Octopus Deploy:
https://octopus.com
2016-09-06 20:52:49 -05:00
William Vu
fed2ed444f
Remove deprecated modules
...
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
2016-09-03 12:43:01 -05:00
Jon Hart
b0e45341e5
Update redis file_upload to optionally FLUSHALL before writing
...
This increases the chances that the uploaded file will be usable as-is
rather than being surround by the data in redis itself.
2016-08-31 14:27:18 -07:00
Brendan
b21ea2ba3f
Added code to assign CPORT value to the parent scanner object
2016-08-29 13:17:10 -05:00
Pearce Barry
226ded8d7e
Land #6921 , Support basic and form auth at the same time
2016-08-25 16:31:26 -05:00
William Vu
cd858a149f
Add DETECT_ANY_AUTH to make bogus login optional
2016-08-23 23:05:47 -05:00
David Maloney
20947cd6cd
remove old dependency on net-ssh moneykpatch
...
the ssh_login_pubkey scanner relied on functionality that
was monkeypatched into our vendored copy. this was an uneeded solution
in the first palce, and we now use a more sane method of accomplishing
the same thing
2016-08-22 10:54:09 -05:00
wchen-r7
5f8ef6682a
Fix #7202 , Make print_brute print ip:rport if available
...
Fix #7202
2016-08-16 15:34:30 -05:00
David Maloney
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
Jon Hart
554a0c5ad7
Deprecate nbname_probe, which duplicate nbname as of 77cd6dbc8b
2016-08-02 17:36:22 -07:00
wchen-r7
cce1ae6026
Fix #6989 , scanner modules printing RHOST in progress messages
...
Fix #6989
2016-07-25 23:15:59 -05:00
James Lee
ff63e6e05a
Land #7018 , unvendor net-ssh
2016-07-19 17:06:35 -05:00
Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
David Maloney
b6b52952f4
set ssh to non-interactive
...
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password
MS-1688
2016-07-14 11:12:03 -05:00
David Maloney
01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-14 09:48:28 -05:00
Brent Cook
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
Brent Cook
128f802928
use the regex source when generating or displaying a regex
2016-07-11 22:05:50 -05:00
James Lee
cfb56211e7
Revert "Revert "Land #7009 , egypt's rubyntlm cleanup""
...
This reverts commit 1164c025a2
.
2016-07-07 15:00:41 -05:00
James Lee
1164c025a2
Revert "Land #7009 , egypt's rubyntlm cleanup"
...
This reverts commit d90f0779f8
, reversing
changes made to e3e360cc83
.
2016-07-05 15:22:44 -05:00
David Maloney
5f9f3259f8
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-05 10:48:38 -05:00
Pearce Barry
159446ce92
Ensure http_login scanner module saves passwds.
...
Fixes #6983 . When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
2016-06-30 16:58:39 -05:00
David Maloney
3d93c55174
move sshfactory into a mixin method
...
use a convience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention
MS-1688
2016-06-28 15:23:12 -05:00
David Maloney
ee2d1d4fdc
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-06-28 15:00:35 -05:00
David Maloney
97f9ca4028
Merge branch 'master' into egypt/ruby-ntlm
2016-06-28 14:14:56 -05:00
David Maloney
6c3871bd0c
update ssh modules to use new SSHFactory
...
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH
MS-1688
2016-06-24 13:55:28 -05:00
David Maloney
5bc513d6cd
get ssh sessions working properly
...
ssh sessions now working correctly
MD-1688
2016-06-24 12:14:48 -05:00
David Maloney
3e94abe555
put net:ssh::commandstream back
...
this was apparently our own creation for doing
ssh sessions
MD-1688
2016-06-22 15:02:36 -05:00
James Lee
07f7e5e148
Convert non-loginscanner MSSQL to rubyntlm
2016-06-22 10:15:22 -05:00
Interference Security
0fa1fc50f8
Fixed false positive bug
...
Checking for "(ERROR_STACK=(ERROR=" is not enough to mark a target as vulnerable. TNS response packet bytes for "Accept" and "Refuse" are required to be sure.
Reference: https://thesprawl.org/research/oracle-tns-protocol/
2016-06-19 17:33:05 +05:30
Brendan Watters
c02a05f913
Removed code that was already commented out
2016-06-17 15:47:15 -05:00
Brendan Watters
1225a93179
Moved ClamAV scanner to scanning module
...
s
2016-06-17 15:40:33 -05:00
Brent Cook
b0bf901b22
Land #6950 , avoid printing rhost:rport twice when using Msf::Exploit::Remote::SMB::Client
2016-06-09 16:35:09 -05:00